Further, while many cloud providers certify select data centre locations, departments or services, iland has achieved ISO 27001 across the company with “zero non-conformities”, underscoring the strength of its advanced security technology and management processes.
As companies race to combat security threats and address evolving compliance requirements, they often struggle to implement and demonstrate the consistent security management that is core to ISO 27001. Proving IT security practices, which ISO 27001 requires, is also key to satisfying the new European Union General Data Protection Regulation before it goes into effect in 2018. iland’s expanded cloud compliance service directly addresses this increasingly complicated challenge, also eliminating security and compliance concerns that frequently prevent cloud adoption.
iland’s offering includes end-to-end compliance support for cloud infrastructure and disaster recovery customers, delivering advanced security technologies and reporting that are backed by iland’s expert in-house consulting team.
“Having a cloud-based disaster recovery solution that helps Bluestone to meet Financial Conduct Authority regulations and ISO 27001 standard requirements is essential,” said Krisztian Kenderesi, global head of IT operations at Bluestone Group, a multi-national financial services company. “iland supports us with advanced security and compliance reporting that speeds up and significantly simplifies our compliance processes.”
“In today’s world, compliance isn’t just about satisfying regulations – it’s about staying ahead of threats and assuring end-customers their data is safe,” said Frank Krieger, director of compliance and IT services, iland. “We’re proud to help our cloud and disaster recovery customers achieve ISO 27001 certification, as it provides a solid foundation of technology and processes that protects against modern hazards and ensures a company can easily adapt to a changing global landscape.”
Advanced security with on-demand compliance reporting
Typically, companies spend an exorbitant amount of time and resources creating and tracking down appropriate documentation needed to satisfy compliance. This is especially true for customers of commodity cloud vendors that do not provide robust security or clear visibility into environments.
Eliminating this waste, iland’s cloud compliance services are rooted in its Enterprise Cloud Services – Advanced Security (ECS-AS) offering that includes deep security and compliance features. The integrated iland ECS console enables customers to monitor, manage and report on every aspect of their cloud infrastructure and disaster recovery environments – from a granular VM all the way up to global resource levels. The console provides on-demand compliance summaries, event histories and platform assurances that encompass the platform’s native security features, including:
· Antivirus and malware detection
· Accelerated storage with encryption at rest
· Whole disk encryption
· Event history, including log inspection and access logs
· Support requests
· Role-based access control
· Dual factor authentication
· Vulnerability scanning
· IPSEC and SSL-VPN
· Firewall Inspection
· Intrusion detection and prevention systems (IPS/IDS)
· Integrity monitoring
· Encrypted backups
Certified compliance consultant team
Going beyond self-service and automation tools, iland’s compliance services also give customers access to its team of certified compliance professionals that can help interpret reports and develop plans, processes and strategies to address ISO 27001 requirements. The team works directly with the customers to:
· Answer questions about report sections and findings
· Provide supporting documentation that explains how the reports relate to ISO 27001
· Assist customers in answering auditors’ questions about report findings
· Assist in aligning with industry regulation controls utilising the ITIL 2011 framework
